Unpatched Internet Explorer bug causes Microsoft to issue a security advisory for Internet Explorer 9 and previous versions. The in-the-wild exploit can install the Poison Ivy trojan; malware used to steal data or take remote control of PCs. [Read more…]
LastPass Sentry is a new feature of LastPass that will automatically monitor your accounts against known compromised site and inform you if your email appears in a list of breached accounts. [Read more…]
Anatomy of an Attack – Why You Need to Consider Security in the Cloud is depicted via an interactive infographic.
Facebook’s new Frictionless Sharing feature allows Facebook to track every website you visit; everything you do online… even when you’re not logged into Facebook. Nik Cubrilovic, who shows the code and describes how to replicate his findings states, “Even if you are logged out, Facebook still knows and can track every page you visit. The only solution is to delete every Facebook cookie in your browser, or to use a separate browser for Facebook interactions.” [Read more…]
Proof of concept code BEAST, which is short for Browser Exploit Against SSL/TLS, that can defeat SSL on an address protected by the HTTPS prefix… which is like every secure site on the Internet. [Read more…]